#!/bin/sh
#-- Copyright 2015 Jonathan Bennett <jbennett@incomsystems.biz>
#-- Licensed to the public under the GNU General Public License v2.
. /lib/functions/network.sh

[ "$(uci -q get fwknopd.@access[0].KEY)" != "CHANGEME" ] && exit 0

uci delete fwknopd.@access[0].KEY
uci delete fwknopd.@access[0].HMAC_KEY
uci set fwknopd.@access[0].keytype='Base64 key'
uci set fwknopd.@access[0].hkeytype='Base64 key'
uci set fwknopd.@access[0].KEY_BASE64=`fwknopd --key-gen | awk '/^KEY/ {print $2;}'`
uci set fwknopd.@access[0].HMAC_KEY_BASE64=`fwknopd --key-gen | awk '/^HMAC/ {print $2;}'`
uci set fwknopd.@config[0].ENABLE_IPT_FORWARDING='y'
uci set fwknopd.@config[0].ENABLE_NAT_DNS='y'

uci commit fwknopd
exit 0
